This blog is a personal book on Security/ IDM related thoughts/opinions.
The blog posts are a personal opinion only and neither reflect the views of current/past employers nor any OTHER person living/dead on this planet.

I have been a LinkedIn member since inception. It feels like close to decade+. I respect and utilize their services on a daily basis. Their advances in technology primarily big data analytics impresses me.

But when customers/users provide you their information, then it is of utmost importance to safeguard it. LinkedIn failed to do that. But they are not alone. Everyday, we hear some data breach. The fundamental problem is that there is no easy way to secure anything. Passwords are useful to achieve the minimum level of security, with minimum set up. But they are not the best forms of security. Working toward preventing data breaches should be part of a daily routine.

The blog post from Vicente is very assuring. In the next few years, LinkedIn will probably have fewer news reports about data breaches. Hopefully, Ganesh Krishnan (from my alma mater, BMSCE) can shine.

What LinkedIn needs to do is take their advances in big data analytics into security intelligence. Salting/Hashing passwords is just the first step. You should incorporate device registration as well as use security analytics to thwart future breaches. Please be the first to show us the way with big data security analytics.

Good Luck to LinkedIn!

(Now can we please do something about the "Who viewed your profile?" leaks on LinkedIn on mobile apps?).